VOTE Apply PR#9084 reverting DEVRANDOM_WAIT
Viktor Dukhovni
openssl-users at dukhovni.org
Fri Jun 7 19:08:24 UTC 2019
> On Jun 7, 2019, at 2:41 PM, Kurt Roeckx <kurt at roeckx.be> wrote:
>
>> This is not the sort of thing to bolt into the kernel, but is not
>> unreasonable for systemd and the like.
>
> The kernel actually already does this in recent versions, if
> configured to do it.
We're talking about what to do with for older kernels, and in
cases when the kernel cannot promptly obtain sufficient entropy
without external sources. The kernel's job is to mix in entropy
from natural activity. Boot-time acquisition of non-trivial entropy
by other means falls outside the kernel, and may be needed when
the kernel cannot obtain sufficient entropy on its own in a timely
manner.
--
Viktor.
More information about the openssl-project
mailing list